-
Optimal Cybersecurity Investments Using SIS Model: Weakly Connected Networks
Authors:
Van Sy Mai,
Richard J. La,
Abdella Battou
Abstract:
We study the problem of minimizing the (time) average security costs in large systems comprising many interdependent subsystems, where the state evolution is captured by a susceptible-infected-susceptible (SIS) model. The security costs reflect security investments, economic losses and recovery costs from infections and failures following successful attacks. However, unlike in existing studies, we…
▽ More
We study the problem of minimizing the (time) average security costs in large systems comprising many interdependent subsystems, where the state evolution is captured by a susceptible-infected-susceptible (SIS) model. The security costs reflect security investments, economic losses and recovery costs from infections and failures following successful attacks. However, unlike in existing studies, we assume that the underlying dependence graph is only weakly connected, but not strongly connected. When the dependence graph is not strongly connected, existing approaches to computing optimal security investments cannot be applied. Instead, we show that it is still possible to find a good solution by perturbing the problem and establishing necessary continuity results that then allow us to leverage the existing algorithms.
△ Less
Submitted 12 April, 2022;
originally announced April 2022.
-
End-to-End Quality-of-Service Assurance with Autonomous Systems: 5G/6G Case Study
Authors:
Van Sy Mai,
Richard J. La,
Tao Zhang,
Abdella Battou
Abstract:
Providing differentiated services to meet the unique requirements of different use cases is a major goal of the fifth generation (5G) telecommunication networks and will be even more critical for future 6G systems. Fulfilling this goal requires the ability to assure quality of service (QoS) end to end (E2E), which remains a challenge. A key factor that makes E2E QoS assurance difficult in a teleco…
▽ More
Providing differentiated services to meet the unique requirements of different use cases is a major goal of the fifth generation (5G) telecommunication networks and will be even more critical for future 6G systems. Fulfilling this goal requires the ability to assure quality of service (QoS) end to end (E2E), which remains a challenge. A key factor that makes E2E QoS assurance difficult in a telecommunication system is that access networks (ANs) and core networks (CNs) manage their resources autonomously. So far, few results have been available that can ensure E2E QoS over autonomously managed ANs and CNs. Existing techniques rely predominately on each subsystem to meet static local QoS budgets with no recourse in case any subsystem fails to meet its local budgets and, hence will have difficulty delivering E2E assurance. Moreover, most existing distributed optimization techniques that can be applied to assure E2E QoS over autonomous subsystems require the subsystems to exchange sensitive information such as their local decision variables. This paper presents a novel framework and a distributed algorithm that can enable ANs and CNs to autonomously "cooperate" with each other to dynamically negotiate their local QoS budgets and to collectively meet E2E QoS goals by sharing only their estimates of the global constraint functions, without disclosing their local decision variables. We prove that this new distributed algorithm converges to an optimal solution almost surely, and also present numerical results to demonstrate that the convergence occurs quickly even with measurement noise.
△ Less
Submitted 31 January, 2022;
originally announced January 2022.
-
Optimal Cybersecurity Investments in Large Networks Using SIS Model: Algorithm Design
Authors:
Van Sy Mai,
Richard J. La,
Abdella Battou
Abstract:
We study the problem of minimizing the (time) average security costs in large networks/systems comprising many interdependent subsystems, where the state evolution is captured by a susceptible-infected-susceptible (SIS) model. The security costs reflect security investments, economic losses and recovery costs from infections and failures following successful attacks. We show that the resulting opt…
▽ More
We study the problem of minimizing the (time) average security costs in large networks/systems comprising many interdependent subsystems, where the state evolution is captured by a susceptible-infected-susceptible (SIS) model. The security costs reflect security investments, economic losses and recovery costs from infections and failures following successful attacks. We show that the resulting optimization problem is nonconvex and propose a suite of algorithms - two based on a convex relaxation, and the other two for finding a local minimizer, based on a reduced gradient method and sequential convex programming. Also, we provide a sufficient condition under which the convex relaxations are exact and, hence, their solution coincides with that of the original problem. Numerical results are provided to validate our analytical results and to demonstrate the effectiveness of the proposed algorithms.
△ Less
Submitted 7 May, 2021; v1 submitted 14 May, 2020;
originally announced May 2020.